Completed
Intro
Class Central Classrooms beta
YouTube playlists curated by Class Central.
Classroom Contents
Analyzing & Breaking QNX Exploit Mitigations and PRNGs for Embedded Systems
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Automotive: BlackBerry Radar
- 3 Industrial: Nuclear HMI
- 4 Defense: Military Radios QNX Secures Major Design Win in Software Defined Radio
- 5 Medical: Surgical Robots
- 6 Carrier Routers: Cisco IOS-XR
- 7 Many more critical systems
- 8 What's New?
- 9 QNX Microkernel Architecture
- 10 QNX IPC Message Passing
- 11 QNX Attack Surface
- 12 QNX Security History
- 13 Syscalls
- 14 QNX Boot Process Power on
- 15 QNX Firmware
- 16 QNX Memory Layout - Nemespace - Userspace Separation
- 17 QNX User Management
- 18 QNX Process Management
- 19 QNX Process Abilities Limitations
- 20 Breaking' Rootless Execution
- 21 Qnet (Native Networking / TDP)
- 22 Qnet Security
- 23 Qnet EOP Vulnerability (CVE-2017-3891)
- 24 QNX Debugging
- 25 PRNG Quality
- 26 QNX Security-Oriented PRNGs
- 27 QNX 7 /dev/random
- 28 QNX 7 Kernel PRNG
- 29 Exploit Mitigation Quality
- 30 QNX Exploit Mitigations
- 31 QNX DEP
- 32 QNX ASLR - map_find_va
- 33 QNX ASLR - stack_randomize
- 34 QNX 6 ASLR - Weak RNG
- 35 QNX 6 ASLR - Bruteforcing
- 36 QNX 6 ASLR - procfs Infoleak (CVE-2017-3892)
- 37 QNX 6 ASLR-LD DEBUG Infoleak (CVE-2017-9369)
- 38 QNX 7 ASLR - Changes
- 39 QNX Stack Canaries
- 40 QNX 6 SSP - Weak RNG
- 41 QNX 6 SSP - Kernelspace
- 42 QNX 7 SSP - Changes
- 43 Relocation Read-Only (RELRO) to do
- 44 QNX 6 Broken RELRO (CVE-2017-3893)
- 45 QNX 6 RELRO
- 46 Patches
- 47 Conclusions
